A Risk Management Approach to Data Preservation


Transcription:

A Risk Management Approach to Data Preservation Ricardo Vieira* (rjcv@ist.utl.pt)

Digital Preservation
Digital Preservation (DP) aims at maintaining valuable digital objects accessible over long periods of time
» Problem initially triggered by memory institutions where DP is a main concern
» Nowadays, widely present as a generalized concern of organizations
» How to address it?

Risk Management Overview Risk Management defines prevention and control mechanisms to address the risk attached to specific activities and valuable assets

Digital Preservation as a Risk Management Activity The goal of DP is to protect digital information against several threats that can affect their proper use and interpretation

Risk Management Approach to Data Preservation

Establish the Context (1/2)

Establish the Context (2/2)
» Identify strategic objects and define criteria to determine which consequences are acceptable to the specific context
» Identify Stakeholders
» Identify the context (Organisational, Technical and Legal)

Context Model
» The context model is represented as a set of ontologies
» Ontologies formalize knowledge representation
» Information can be extracted from ontologies through querying and processing (e.g. reasoning, logical inference)
[Diagram labels: DIO (ArchiMate); DIO-DSO1 Transformation Map; DSO-1; DIO-DSO2 Transformation Map; DSO-2]

Risk Assessment

Risk Identification
Identify: Assets, Vulnerabilities, Threats, Risks

Risk-DL Domain Language (1/2)
» Concepts mapped to ISO 31000
» Concepts formalized using the relational model
» Risk-DL to represent concepts
» Interoperability
» Sharing, discovery, reuse
» Alignment between risks and organization artifacts
» Reduce inconsistencies (formalization of risks)
» Open specification -> support human-machine and machine-machine communication
» XML properties: Portability, Extensibility, etc.

Risk-DL Domain Language (2/2)

Risk Analysis (1/2) Impact Likelihood Risk Level

Risk Analysis (2/2)

Scenario Evaluation

Risk Evaluation
» Based on the outcome of risk analysis, decide which risks need treatment and the priority for treatment implementation
» Compare level of risk with initial criteria
» Scenario evaluation: $\text{Costs} = \sum_i \text{Likelihood}(\text{Risk}_i) \times \text{Impact}(\text{Risk}_i)$
» DP mitigates the risk level for 19 risks
» Costs without DP: 6,316,520 /year
» Costs with DP: 909,720 /year
» Risk cost reduction of 5,406,800 /year (=86%)

Risk Treatment 18 timbusproject.net 2011 14 November 2013

Conclusions
» Using risk management we are able to leverage the digital preservation problem
» Better understanding of the problem
» Better understanding of the solution
» This is valid to other concerns!!!
» Same approach is being applied to Data Management in e-science project
Ferreira, F., Coimbra, M., Vieira, R., Proença, D., Freitas, A., Russo, L., Borbinha, J., Risk Aware Data Management in Metagenomics, 5th INForum (INForum 2013), Évora, Portugal, September 5-6, 2013

Ricardo Vieira rjcv@ist.utl.pt